Summary: The Croatian DPA has fined a telecommunications company EUR 285,000. The company had suffered a data breach. Attackers had managed to access data from about 100,000 data subjects. During its investigation, the DPA found that such a breach was facilitated by the company’s failure to implement adequate technical and organizational security measures for the…
Category: Breach Incidents
Recent cyberattacks put Thai citizens’ privacy and data security at greater risk
In December of 2021, Thailand’s National Cyber Security Agency launched after being delayed by the COVID-19 pandemic. In February, it announced that it intended to roll out 40 subordinate regulations of the Cybersecurity Act this year to strengthen the country’s systems. It sounds like an ambitious — but badly needed — update. For the past…
CentralSquare settles one Click2Gov data breach lawsuit
Between 2018 and the end of 2020, DataBreaches published dozens of news reports on municipal breaches involving CentralSquare’s ClicktoGov software. The software allows residents to pay utility bills or other municipal bills online. Now Top Class Actions reports that CentralSquare has agreed to pay $1.9 million to settle litigation by some consumers. Consumers whose credit…
Desorden is back, declares an attack on MISTINE Better Way Thailand Company
It’s been a while since DataBreaches has seen any announcements from Desorden, but the group contacted DataBreaches over the weekend to claim responsibility for a hack and data breach of Better Way Thailand Company Limited, a personal care products and cosmetics distributor. Mistine is one of 200 companies under Saha Group, Thailand’s leading consumer products publicly…
In yet another long gap to notification, a covered entity notifies patients of a May 2021 cyberattack
On May 5, 2021, Benson Health in North Carolina (formerly known as Benson Area Medical Center) discovered that it was the target of a cyberattack. According to their notification dated July 7, 2022, they immediately launched an investigation, engaged a law firm specializing in cybersecurity and data privacy, and engaged third-party forensic specialists to assist….
BJC HealthCare settles class action litigation
In May 2020, DataBreaches noted that BJC Healthcare in Missouri was alerting patients to a data breach. The breach had first been discovered on March 6, shortly after three employee email accounts were compromised. At the time of notification, BJC Healthcare reported that investigators were unable to determine if any emails or attachments had actually…